B2B Gateway, Security Token Service & Vanguard integration for a Federal Agency
Nexright helped a federal agency to implement and secure and effective business integration solutions utilizing IBM Websphere Datapower Appliances
Adopting a B2B strategy can streamline business processes and cut costs by enabling Government organizations to communicate electronically with other federal agencies. The emergence of XML and Web Services as the standards for B2B interoperability allows business information to be exchanged via a variety of technologies, from a simple web browser to a fully integrated solution, to suit the size of the enterprise.
As the client build B2B value chains, they must open up systems which were previously never available outside the firewall to partners’ access.
Multiple servers, proxies, and other products in the DMZ for security, breaking the fundamental principal that the DMZ should be an uncomplex, barren, hostile environment to any potential intruder.
Complex environments are also difficult and expensive to administer, often requiring different skills, teams, and product knowledge.
Security behind the DMZ and in other areas (private, trusted zone, extranet) is important as well, and often weak or neglected due to expense and integration challenges.
Technology stacks running in silo environments that can’t exchange security, services or messages, lack of true enterprise-wise single sign-on.
They decided to use XML, Web Services, and SOA as their standards-based approach in order to speed delivery of business value, but they found that it was natively insecure. This approach was introducing risk and reducing overall performance.
Secure information exchange was a high priority, but it was a complex topic which slowed down their projects. They wanted a simple way to secure, manage, mediate, and protect messages.
The Solution
Nexright helped the customer in start using the DataPower appliance to quickly mitigate the problems inherent in XML. This resulted in lower costs and faster value because on-boarding new users no longer placed such a burden on both sides. It also relieved an anticipated performance degradation.
With a more efficient and flexible system in place, the agency has expanded its Service-Oriented Architecture (SOA) infrastructure and achieved integration with the other partners, while increasing customer satisfaction. The solution provides a higher degree of security and compliance, which are crucial in this industry.
The Benefits
Key to any successful engagement is to facilitate integration with existing applications by exposing enterprise applications as Web services, and defining and implementing XML security, data transformation and data validation.
Nexright WebSphere DataPower Consulting Services are the perfect complement during any phase of the project. They include:
Security: Moving more applications into Web services and SOA means greater exposure to XMLspecific threats. Nexright implemented IBM WebSphere DataPower solution to protect against vulnerabilities by acting as a proxy and performing security checks. Additionally, DataPower natively has full encryption/decryption capabilities, and enables the use of digital signatures.
Access Control: DataPower implementation inspects all incoming messages, performs authentication and authorization for each message, and reject and log invalid requests, to help ensure that only valid requests reach the backend servers. Instead of implementing access control in each XML application, centralizing access policy enforcement, DataPower provides an architecturally sound, easy to manage, and cost-effective solution.
Speed: Nexright increased overall efficiency with a DataPower XML routing solution which offers improved manageability, performance and reliability routing XML messages based on message content, SOAP headers, and network-level metadata. Additionally, it can inspect XML documents or SOAP requests and, based on XML payloads, direct them to appropriate backend servers. It can also perform wire speed XML transformation to re-format incoming messages.
Compliance: With the increase of compliance issues and regulations, more and more companies are having to re-think their infrastructure to avoid steep fines or worse. Nexright implemented DataPower solution which will adhere to regulations and by offering a central point to provide the security to protect networks, encrypt sensitive data, filter for common virus and hacker attacks in addition to being the central place to monitor compliance.
Nexright Advantage
A team of dedicated Datapower certified consultants. The consultants have very strong Integration, Security and Java skills. Consultants have many years of Datapower experience.